Gmail Account Might Be Hacked Due To A New Phishing Scam; Putting Experts In Worry

By Staff Reporter | Jan 17, 2017 | 22:04 PM EST

Gmail is the latest victim of a phishing scam that is even putting the tech experts in tension. This scam has been described the most convincing yet a tricky one that allowed users to disclose their login details. Moreover, it allows an attacker to even go through the user's messages. Scary, isn't it?

According to Daily Mail Online, this latest phishing scam is extremely dangerous as it allows the attacker to copy the user's style of writing allowing mail to easily enter into the victim's inbox. Now, Gmail has issued warning to all its users to prevent them from disclosing their account details before going through the sent messages folder for latest victims to pass on the email on how it works.

Interestingly, the fake mail uses attachments that look like a PDF file. When users click on it, they are directed to the phishing page which appears like the  original Google sign in page. Once the user enters the log in details, the account gets compromised. The problem becomes even  more serious since users might get the fake attachments from other users in their address book. This makes it easier for the hacker to pass on the mail to the victim's contact.

As per The Mirror, these phishing pages also don't trigger Google's HTTPS security warning that usually issues warning to users when land on an unsafe page. This scam was first discovered by Wordfence CEO, Mark Maunder. According to Mr. Maunder, the scam was so convincing that it is even capable of fooling experienced tech experts.

According to one of the victims of the scam, the attacker logs into the account once they get the user's credentials they use the victim's style of writing mail, copy actual subject lines and sends it to people in their contact list. In fact, the attacker signing into the account happens really fast. As per experts, it might either be automated or it might be monitored by a team of hackers.

The experts warn users to log in to the Gmail account carefully checking the green sign and the lock that appears on the left. If users can't verify the protocol and host name, users should stop and check on what they clicked on.

Related Stories

Latest News